ff-admin-server/src/helpers/permissionHelper.ts

import { Request, Response } from "express";
import {
  PermissionModule,
  permissionModules,
  PermissionObject,
  PermissionSection,
  PermissionString,
  PermissionType,
  permissionTypes,
} from "../type/permissionTypes";
import ForbiddenRequestException from "../exceptions/forbiddenRequestException";

export default class PermissionHelper {
  static passCheckMiddleware(
    section: PermissionSection,
    module: PermissionModule,
    requiredPermissions: Array<PermissionType> | "*"
  ): (req: Request, res: Response, next: Function) => void {
    return (req: Request, res: Response, next: Function) => {
      const permissions = req.rights;

      if (permissions.admin) {
        next();
      } else if (permissions?.[section]?.all) {
        next();
      } else if (permissions?.[section]?.all) {
        next();
      } else if (permissions?.[section]?.[module] == "*") {
        next();
      } else if (
        (permissions?.[section]?.[module] as Array<PermissionType>).some((e: PermissionType) =>
          requiredPermissions.includes(e)
        )
      ) {
        next();
      } else {
        throw new ForbiddenRequestException(
          `missing permission for ${section}.${module}.${
            Array.isArray(requiredPermissions) ? requiredPermissions.join("|") : requiredPermissions
          }`
        );
      }
    };
  }

  static convertToObject(permissions: Array<PermissionString>): PermissionObject {
    if (permissions.includes("*")) {
      return {
        admin: true,
      };
    }
    let output: PermissionObject = {};
    let splitPermissions = permissions.map((e) => e.split(".")) as Array<
      [PermissionSection, PermissionModule | PermissionType | "*", PermissionType | "*"]
    >;
    for (let split of splitPermissions) {
      if (!output[split[0]]) {
        output[split[0]] = {};
      }
      if (split[1] == "*" || output[split[0]].all == "*") {
        output[split[0]] = { all: "*" };
      } else if (permissionTypes.includes(split[1] as PermissionType)) {
        if (!output[split[0]].all || !Array.isArray(output[split[0]].all)) {
          output[split[0]].all = [];
        }
        const permissionIndex = permissionTypes.indexOf(split[1] as PermissionType);
        const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1);
        output[split[0]].all = appliedPermissions;
      } else {
        if (split[2] == "*" || output[split[0]][split[1] as PermissionModule] == "*") {
          output[split[0]][split[1] as PermissionModule] = "*";
        } else {
          if (
            !output[split[0]][split[1] as PermissionModule] ||
            !Array.isArray(output[split[0]][split[1] as PermissionModule])
          ) {
            output[split[0]][split[1] as PermissionModule] = [];
          }
          const permissionIndex = permissionTypes.indexOf(split[2] as PermissionType);
          const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1);
          output[split[0]][split[1] as PermissionModule] = appliedPermissions;
        }
      }
    }
    return output;
  }

  static convertToStringArray(permissions: PermissionObject): Array<PermissionString> {
    if (permissions.admin) {
      return ["*"];
    }
    let output: Array<PermissionString> = [];
    let sections = Object.keys(permissions) as Array<PermissionSection>;
    for (let section of sections) {
      if (permissions[section].all) {
        let types = permissions[section].all;
        if (types == "*") {
          output.push(`${section}.*`);
        } else {
          for (let type of types) {
            output.push(`${section}.${type}`);
          }
        }
      } else {
        let modules = Object.keys(permissions[section]) as Array<PermissionModule>;
        for (let module of modules) {
          let types = permissions[section][module];
          if (types == "*") {
            output.push(`${section}.${module}.*`);
          } else {
            for (let type of types) {
              output.push(`${section}.${module}.${type}`);
            }
          }
        }
      }
    }
    return output;
  }

  static getWhatToAdd() {}

  static getWhatToRemove() {}
}
permission system - permission formatting 2024-08-26 13:47:08 +02:00			`import { Request, Response } from "express";`
			`import {`
			`PermissionModule,`
			`permissionModules,`
			`PermissionObject,`
			`PermissionSection,`
			`PermissionString,`
			`PermissionType,`
			`permissionTypes,`
			`} from "../type/permissionTypes";`
			`import ForbiddenRequestException from "../exceptions/forbiddenRequestException";`

			`export default class PermissionHelper {`
			`static passCheckMiddleware(`
			`section: PermissionSection,`
			`module: PermissionModule,`
			`requiredPermissions: Array<PermissionType> \| "*"`
			`): (req: Request, res: Response, next: Function) => void {`
			`return (req: Request, res: Response, next: Function) => {`
			`const permissions = req.rights;`

			`if (permissions.admin) {`
			`next();`
			`} else if (permissions?.[section]?.all) {`
			`next();`
			`} else if (permissions?.[section]?.all) {`
			`next();`
			`} else if (permissions?.[section]?.[module] == "*") {`
			`next();`
			`} else if (`
			`(permissions?.[section]?.[module] as Array<PermissionType>).some((e: PermissionType) =>`
			`requiredPermissions.includes(e)`
			`)`
			`) {`
			`next();`
			`} else {`
			`throw new ForbiddenRequestException(`
			`missing permission for ${section}.${module}.${
			`Array.isArray(requiredPermissions) ? requiredPermissions.join("\|") : requiredPermissions`
			}`
			`);`
			`}`
			`};`
			`}`

			`static convertToObject(permissions: Array<PermissionString>): PermissionObject {`
			`if (permissions.includes("*")) {`
			`return {`
			`admin: true,`
			`};`
			`}`
			`let output: PermissionObject = {};`
			`let splitPermissions = permissions.map((e) => e.split(".")) as Array<`
			`[PermissionSection, PermissionModule \| PermissionType \| "", PermissionType \| ""]`
			`>;`
			`for (let split of splitPermissions) {`
			`if (!output[split[0]]) {`
			`output[split[0]] = {};`
			`}`
			`if (split[1] == "" \|\| output[split[0]].all == "") {`
			`output[split[0]] = { all: "*" };`
			`} else if (permissionTypes.includes(split[1] as PermissionType)) {`
			`if (!output[split[0]].all \|\| !Array.isArray(output[split[0]].all)) {`
			`output[split[0]].all = [];`
			`}`
			`const permissionIndex = permissionTypes.indexOf(split[1] as PermissionType);`
			`const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1);`
			`output[split[0]].all = appliedPermissions;`
			`} else {`
			`if (split[2] == "" \|\| output[split[0]][split[1] as PermissionModule] == "") {`
			`output[split[0]][split[1] as PermissionModule] = "*";`
			`} else {`
			`if (`
			`!output[split[0]][split[1] as PermissionModule] \|\|`
			`!Array.isArray(output[split[0]][split[1] as PermissionModule])`
			`) {`
			`output[split[0]][split[1] as PermissionModule] = [];`
			`}`
			`const permissionIndex = permissionTypes.indexOf(split[2] as PermissionType);`
			`const appliedPermissions = permissionTypes.slice(0, permissionIndex + 1);`
			`output[split[0]][split[1] as PermissionModule] = appliedPermissions;`
			`}`
			`}`
			`}`
			`return output;`
			`}`

			`static convertToStringArray(permissions: PermissionObject): Array<PermissionString> {`
			`if (permissions.admin) {`
			`return ["*"];`
			`}`
			`let output: Array<PermissionString> = [];`
			`let sections = Object.keys(permissions) as Array<PermissionSection>;`
			`for (let section of sections) {`
			`if (permissions[section].all) {`
			`let types = permissions[section].all;`
			`if (types == "*") {`
			output.push(`${section}.*`);
			`} else {`
			`for (let type of types) {`
			output.push(`${section}.${type}`);
			`}`
			`}`
			`} else {`
			`let modules = Object.keys(permissions[section]) as Array<PermissionModule>;`
			`for (let module of modules) {`
			`let types = permissions[section][module];`
			`if (types == "*") {`
			output.push(`${section}.${module}.*`);
			`} else {`
			`for (let type of types) {`
			output.push(`${section}.${module}.${type}`);
			`}`
			`}`
			`}`
			`}`
			`}`
			`return output;`
			`}`

			`static getWhatToAdd() {}`

			`static getWhatToRemove() {}`
			`}`